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CLAIMS 

A method of securing communication between at least two members of a group, 
wherein each member is an autonomous system comprising one or more devices, the 
method including the steps of: 

forwarding, to at least one member of the group, a group security 
association corresponding to the group; 

receiving, from the at least one member of the group, route information 
enabling communication with each of the one or more devices of the autonomous 
system corresponding to the member; 

identifying at least one other member of the group; and 
reflecting the route information received from each member of the group 
to the at least one other member of the group, including the step of securing the 
route information using the group security association. 

The method of claim 1, wherein the step of reflecting the route information. 
The method according to claim 1, further comprising the step of receiving a 
registration request from the at least one member of the group. 
The method according to claim 4 wherein the registration request includes a list 
including the at least one other member of the group. 

The method according to claim 5, wherein the step of identifying the at least one other 
member includes the step of forwarding a request for routing information to the at 
least one other member, the request including an identifier for the group. 
The method according to claim 4, wherein the step of identifying includes the step of 
auto-discovering the at least one other member of the group in response to the 
registration request by issuing a request for routing information to other devices in the 
network, the request for routing information including an identifier for the group. 
A device for providing secure communications between at least two members of a 
group over a backbone, the device comprising: 
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security association functionality for forwarding a group security 
association of the group to the at least two members of the group; and 

route reflection functionality, for identifying at least one of the at least two 
members of the group, receiving routing information for the at least one of the two 
5 members of the group, securing the routing information for the at least one of the 

two members of the group using the group security association and for forwarding 
the secured routing information to another one of the at least two members of the 
group. 

The device of claim 7 wherein the functionality for identifying at least one of the two 
members of the group is auto-discovery logic. 

The device of claim 7 wherein the functionality for identifying at least one of the two 
members of the group includes a list of members of the group. 
A method for communicating securely by one member of a group with at least one 
other member of the group over a backbone including the steps of: 

receiving, at the one member, a group security association corresponding 
to the group; 

forwarding, by the one member to another coupled device, routing 
information for the one member, the routing information being secured using the 
group security association of the group. 
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1 1 . The method of claim 10 including the steps of: 

receiving, at the one member, from the coupled device, routing 
information associated with the at least one other member of the group, wherein 
25 the routing information is secured using the group security association of the 

group. 
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The method of claim 1 1 further comprising the steps of 

restoring the routing information using the group security association of the 
group; 
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securing a packet for transmission to the at least one other member of the group 
using the group security association to provide a secured packet; 

forwarding the secured packet to the at least one other member using the restored 
routing information. 

5 

13. The method of claim 12 wherein the step of forwarding includes building a tunnel to 
the at least one other member of the group using the routing information and the 
group security association. 

10 14. A network comprising: 

a group of interconnected autonomous system; 

means for providing secure communications between at least two of the 
autonomous systems in the group, comprising: 

means for assigning a security association to the group, wherein communications 
: 15 between members of the group are secured using the security association; 

!■■ means for reflecting routes to each of the autonomous systems in the group to 

other autonomous systems of the group, wherein the reflected routes are secured using 
the security association of the group. 

15. The network according to claim 14, wherein the means for reflecting routes to each of 
20 the autonomous system in the group includes means for identifying each of the 

autonomous systems of the group. 

16. The network according to claim 15 wherein the means for identifying each of the 
members of the group includes a registration request having a list of all of the 
autonomous systems in the group. 

25 17. The network according to claim 16, wherein the means for identifying each of the 

members of the group includes auto-discovery means. 
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